Associate Digital Forensics Incident Response Analyst needed at NTT Ltd.

Your day at NTT DATA

• The Associate Digital Forensics Incident Response Analyst is an entry level subject matter expert, responsible for assisting with the detection and monitoring of threats and suspicious activity affecting the organization’s technology domain.
• This role acts as the technical first responder by supporting the work of technical staff from various business areas as well as third-party technical experts.
• This role uses their technical competencies of systems and automated mechanisms to detect unauthorized activity on company’s information assets.

Key responsibilities:

• Assists with the prevention and resolution of security breaches and ensures incident and problem management processes are initiated.
• Supports access management activities according to the policy.
• Assists with the implementation of and discusses security service audit schedules, review access authorization and performs the required access controls and testing to identify security weaknesses.
• Interacts with a global team of Cyber Security Analysts and specialists.
• Notifies internal and/or external teams according to agreed alert priority levels, escalation trees, 1st level triaging of security alerts, events, and notifications.
• Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders.
• Ability to follow and update established and/or ad-hoc processes and work instructions and create procedures where deficiencies are identified.
• Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults.

To thrive in this role, you need to have:

• Knowledge of technological advances within the information security arena.
• Understanding of inter-relationships in an overall system or process.
• Knowledge of information security management and policies.
• Maintain an understanding of current and emerging threats, vulnerabilities, and trends.

Academic qualifications and certifications:

• Bachelor’s degree or equivalent in Information Technology, Computer Science or related preferred.
• SANS GIAC Security Essentials (GSEC) or equivalent preferred.
• SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred.
• SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred.

Required experience:

• Entry level experience in a Technology Information Security Industry.
• Experience using End Point Protection Software.
• Experience using Enterprise Detection & Response software.
• Experience or knowledge of SIEM and IPS technologies.
• Experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviors.